CN115587348B - Configurable security control method, device and medium for access of PCIE (peripheral component interface express) equipment - Google Patents

Configurable security control method, device and medium for access of PCIE (peripheral component interface express) equipment Download PDF

Info

Publication number
CN115587348B
CN115587348B CN202211483088.8A CN202211483088A CN115587348B CN 115587348 B CN115587348 B CN 115587348B CN 202211483088 A CN202211483088 A CN 202211483088A CN 115587348 B CN115587348 B CN 115587348B
Authority
CN
China
Prior art keywords
pcie
memory
interval
access
access request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211483088.8A
Other languages
Chinese (zh)
Other versions
CN115587348A (en
Inventor
石伟
刘威
龚锐
张剑锋
王蕾
冯权友
张见
潘国腾
罗莉
周理
王永文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
National University of Defense Technology
Original Assignee
National University of Defense Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by National University of Defense Technology filed Critical National University of Defense Technology
Priority to CN202211483088.8A priority Critical patent/CN115587348B/en
Publication of CN115587348A publication Critical patent/CN115587348A/en
Application granted granted Critical
Publication of CN115587348B publication Critical patent/CN115587348B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1416Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1483Protection against unauthorised use of memory or access to memory by checking the subject access rights using an access-table, e.g. matrix or list
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/14Handling requests for interconnection or transfer
    • G06F13/20Handling requests for interconnection or transfer for access to input/output bus
    • G06F13/28Handling requests for interconnection or transfer for access to input/output bus using burst mode transfer, e.g. direct memory access DMA, cycle steal
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1052Security improvement
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2213/00Indexing scheme relating to interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F2213/0026PCI express
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Databases & Information Systems (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a configurable security control method, a device and a medium for access and storage of PCIE equipment, wherein the configurable security control method for access and storage of the PCIE equipment comprises the following steps: s101, intercepting a PCIE access request sent by a PCIE root complex module; s102, determining a memory interval which is allowed to be accessed by a PCIE memory access request; s103, filtering the PCIE access requests of which the target address is not in the memory interval allowed to be accessed, and only continuously executing the PCIE access requests of which the target address is in the memory interval allowed to be accessed. The invention can control the security access of PCIE EP equipment to the memory space, realize the isolation between the off-chip security equipment and the non-security equipment accessing the memory space, expand the credible execution environment of the traditional security software from the on-chip to the on-chip and the off-chip, and block the hardware security hidden trouble of the traditional PCIE structure.

Description

Configurable security control method, device and medium for access of PCIE (peripheral component interface express) equipment
Technical Field
The invention belongs to the technical field of access and storage security of PCIE (peripheral component interface express) equipment, and particularly relates to a configurable security control method, a device and a medium for access and storage of PCIE equipment.
Background
Currently, hardware security is gaining more and more attention. The system safety is enhanced from the perspective of bottom hardware safety, and a safer information system can be formed only by preventing safety holes. In the existing international mainstream CPU architecture, mechanisms related to hardware resource isolation are defined. Based on the mechanisms, an isolation area can be constructed in the system, the isolation area has independent computing and storage resources, data in the isolation area cannot be accessed by resources outside the isolation area from the aspect of hardware, and software executed in the area cannot be tampered maliciously, so that a safe trusted execution environment is constructed.
Conventional hardware resource isolation mechanisms are typically built around the inside of the processor. However, with the increasing computing power of the on-chip accelerator, the heterogeneous frame using the main processing chip and the on-chip accelerator chip is increasingly applied in the novel application field. Generally, an acceleration chip is connected to a main processor through a PCIE bus, and the PCIE bus is not brought into an isolation area under a current mainstream CPU hardware resource isolation architecture. As shown in fig. 1, in a System architecture common to an on-Chip SOC (System on Chip) System and an off-Chip PCIE device, a PCIE root complex device (RC device) inside the SOC is a root of a PCIE bus, and the PCIE root complex device may be located in the SOC System and connected to a processor (CPU) and a Memory (Memory) in the on-Chip System through an on-Chip network. PCIE terminal devices (EP devices) are devices capable of supporting diverse application functions, and mainly include a video card, a network card, and the like. The switching device is a PCIE switch, and the expansion of the PCIE link can be realized under the condition that the PCIE link cannot meet the requirement. Therefore, from the security perspective of the CPU side, the off-chip PCIE terminal device (EP device) is located outside the trusted execution environment. If a PCIE root complex device (RC device) is added to a trusted execution environment, a PCIE terminal device (EP device) may randomly acquire data in the trusted environment by requesting, so that a conventional PCIE structure has a large hardware potential safety hazard.
Disclosure of Invention
The technical problems to be solved by the invention are as follows: the invention aims to control the safe access of PCIE terminal equipment PCIE EP equipment to a storage space, realize the isolation between the safety equipment outside a chip and the non-safety equipment accessing the storage space, expand the credible execution environment of the traditional safety software from inside to outside the chip and effectively block the hardware safety hidden danger of the traditional PCIE system architecture.
In order to solve the technical problems, the technical scheme adopted by the invention is as follows:
a configurable security control method for access of PCIE equipment comprises the following steps:
s101, intercepting a PCIE access request sent by a PCIE root complex module;
s102, determining a memory interval which is allowed to be accessed by a PCIE memory access request;
s103, filtering the PCIE access requests of which the target address is not in the memory interval allowed to be accessed, and only continuously executing the PCIE access requests of which the target address is in the memory interval allowed to be accessed.
Optionally, step S102 includes:
s201, acquiring a security bit which is carried in a PCIE access request and is used for indicating the security state of a CPU;
s202, if the CPU safety state represented by the safety bit is a safety state, determining that a safety interval and a non-safety interval in the memory are both memory intervals which are allowed to be accessed by the PCIE memory access request; otherwise, only the non-security interval in the memory is determined to be the memory interval which is allowed to be accessed by the PCIE memory access request.
Optionally, step S102 includes:
s301, obtaining an interval INDEX INDEX carried in a PCIE access request, wherein a memory is divided into a plurality of memory intervals in advance;
s302, determining that the memory interval corresponding to the interval INDEX INDEX is the memory interval which is allowed to be accessed by the PCIE memory access request.
Optionally, step S102 includes:
s401, a PCIE access request is obtained;
s402, matching the PCIE access request with a preset global table to obtain a corresponding interval INDEX INDEX, wherein the global table comprises a mapping relation between the PCIE access request and the corresponding interval INDEX INDEX;
s403, determining that the memory interval corresponding to the interval INDEX is a memory interval that the PCIE memory access request allows access.
Optionally, step S102 includes:
s501, obtaining an interval INDEX INDEX carried in a PCIE access request, wherein a memory is divided into a safety interval and a non-safety interval in advance;
s502, a PCIE access request is matched with a preset global table, and if the global table has matched entries, the safe interval and the non-safe interval in the memory are both the memory interval which the PCIE access request allows to be accessed; otherwise, only determining that the non-secure interval in the memory is the memory interval that the PCIE access request allows to access, where the global table includes the secure PCIE access request and the interval INDEX thereof.
Optionally, in the global table, a field of each entry includes { INDEX, bus, dev, func }, where the field INDEX is an interval INDEX, the field Bus is a Bus number of a PCIE access request, the field Dev is a device number of a PCIE terminal device that initiates the PCIE access request, and the field Func is a function number of the PCIE access request.
Optionally, in the fields in the global table, the length of the field INDEX is log2 (n) bits, the length of the field Bus is 8 bits, the length of the field Dev is 5 bits, and the length of the field Func is 3 bits, where n is the number of memory intervals into which the memory is pre-divided.
Optionally, in the step S402, matching the PCIE memory access request with a preset global table means matching the PCIE memory access request with the preset global table by using a content matching and CAM searching manner.
In addition, the present invention also provides a configurable security control apparatus for memory access of PCIE devices, including:
the security configuration module is used for intercepting a PCIE access request sent by the PCIE root complex module and determining a memory interval which is allowed to be accessed by the PCIE access request;
the security control module is used for filtering the PCIE access request of which the target address is not in the memory interval which is allowed to be accessed, and only continuously executing the PCIE access request of which the target address is in the memory interval which is allowed to be accessed;
the safety configuration module is arranged between the PCIE root complex device and the network on chip of the CPU in series, and the safety control module is arranged between the network on chip of the CPU and the SOC memory controller in series.
In addition, the invention also provides a configurable security control device for access and storage of the PCIE equipment, which comprises a microprocessor and a memory which are mutually connected, wherein the microprocessor is programmed or configured to execute the configurable security control method for access and storage of the PCIE equipment.
In addition, the present invention further provides a computer-readable storage medium, in which a computer program is stored, where the computer program is used to be programmed or configured by a microprocessor to execute a configurable security control method for access of the PCIE device.
Compared with the prior art, the invention mainly has the following advantages: the method comprises the steps of intercepting a PCIE access request sent by a PCIE root complex module, determining a memory interval which is allowed to be accessed by the PCIE access request, filtering the PCIE access request of which the target address is not in the memory interval which is allowed to be accessed, and only continuously executing the PCIE access request of which the target address is in the memory interval which is allowed to be accessed, thereby realizing the control of the security access of the PCIE terminal equipment to the memory space, realizing the isolation between the off-chip security equipment and the non-security equipment for accessing the memory space, expanding the credible execution environment of the traditional security software from the on-chip to the off-chip, and effectively blocking the hardware potential safety hazard of the traditional PCIE system architecture.
Drawings
Fig. 1 is a schematic diagram of a system architecture commonly used by a conventional on-chip SOC system and an off-chip PCIE device.
FIG. 2 is a schematic diagram of a basic process flow of a method according to an embodiment of the present invention.
Fig. 3 is a flowchart illustrating the step S102 according to an embodiment of the invention.
Fig. 4 is a schematic structural diagram of an apparatus according to a first embodiment of the present invention.
Fig. 5 is a flowchart illustrating step S102 according to a second embodiment of the present invention.
Fig. 6 is a schematic structural diagram of a device according to a second embodiment of the present invention.
Fig. 7 is a flowchart illustrating step S103 according to a second embodiment of the present invention.
Fig. 8 is a flowchart illustrating step S102 in the third embodiment of the present invention.
Fig. 9 is a schematic diagram of a global table in the third embodiment of the present invention.
Fig. 10 is a flowchart illustrating step S102 in the fourth embodiment of the present invention.
Detailed Description
The first embodiment is as follows:
as shown in fig. 2, the configurable security control method for memory access of PCIE device in this embodiment includes:
s101, intercepting a PCIE access request sent by a PCIE root complex module;
s102, determining a memory interval which is allowed to be accessed by a PCIE memory access request;
s103, filtering the PCIE access requests of which the target address is not in the memory interval allowed to be accessed, and only continuously executing the PCIE access requests of which the target address is in the memory interval allowed to be accessed.
A PCIE access request sent by the PCIE root complex module is a PCIE terminal device from the outside, and a DMA request sent by the PCIE terminal device is a PCIE access request, which can implement data transmission between the memory and the PCIE terminal device, for example, the PCIE terminal device sends a read access request to the memory, and the memory returns requested data to the PCIE terminal device; and the PCIE terminal equipment sends a write access request to the memory, and the PCIE terminal equipment writes data into the memory.
In the embodiment, the memory interval in which the PCIE memory access request is allowed to access is determined, the PCIE memory access request whose target address is not in the memory interval in which the PCIE memory access request is allowed to access is filtered, and only the PCIE memory access request whose target address is in the memory interval in which the PCIE memory access request is allowed to access is continuously executed, so that the access of the PCIE memory access request to the memory is restricted by the memory interval in which the PCIE memory access is allowed to access, thereby controlling the secure access of the PCIE terminal device to the memory interval, realizing the isolation between the off-chip secure device and the non-secure device for accessing the memory interval, expanding the trusted execution environment of the conventional security software from the inside of the chip to the outside of the chip, and effectively blocking the hardware security hidden danger of the conventional PCIE system architecture.
It should be noted that there may be various ways of determining the memory interval that the PCIE memory access request allows to access, and there may also be various memory security control forms in the memory interval. For example, as an optional implementation manner, in this embodiment, a secure control manner based on a secure bit carried in a PCIE memory access request is implemented, and two types of memory security control manners between a secure interval and a non-secure interval are implemented. Specifically, as shown in fig. 3, step S102 in this embodiment includes:
s201, acquiring a security bit which is carried in a PCIE access request and used for indicating the security state of a CPU; the CPU safety state of the high-safety CPU is divided into a safety state and a non-safety state, the safety state executes safety application, and the non-safety state executes common application. The secure application is isolated from normal application execution, and the normal application cannot access data of the secure application. Therefore, when the system is started, software can configure and divide a memory interval, and a part of memory area is specially divided for a safe state, namely a safe interval and a non-safe interval;
s202, if the CPU safety state represented by the safety bit is a safety state, determining that a safety interval and a non-safety interval in the memory are both memory intervals which are allowed to be accessed by the PCIE memory access request; otherwise, only determining that the non-security interval in the memory is the memory interval which is allowed to be accessed by the PCIE memory access request. The mode that the CPU security state represented by the security bit is the secure state/the non-secure state may adopt a required expression mode according to actual needs, for example: the CPU safety state is expressed as a safety state/non-safety state by adopting a mode of safety bit existence/non-safety bit existence, or the CPU safety state is expressed as a safety state/non-safety state (for example, values are 1 and 0) by adopting a mode of different values of the safety bit existence.
As shown in fig. 4, the present invention further provides a configurable security control apparatus for memory access of PCIE devices, including:
the security configuration module is used for intercepting a PCIE access request sent by the PCIE root complex module and determining a memory interval which is allowed to be accessed by the PCIE access request;
the security control module is used for filtering the PCIE access request of which the target address is not in the memory interval which is allowed to be accessed, and only continuously executing the PCIE access request of which the target address is in the memory interval which is allowed to be accessed;
the safety configuration module is arranged between the PCIE root complex device and the network on chip of the CPU in series, and the safety control module is arranged between the network on chip of the CPU and the SOC memory controller in series.
As can be seen from fig. 4, in this embodiment, a security configuration module is added between the PCIE root complex device and the on-chip network of the CPU, and a security control module is added between the on-chip network of the CPU and the SOC memory controller, so as to implement security control of PCIE memory access request (DMA) to access the memory. Referring to fig. 4, the memory is divided into a secure interval and a non-secure interval, and two types of memory security control modes between the secure interval and the non-secure interval are implemented. The safety control module is a module positioned between the on-chip bus and the memory controller and is responsible for filtering the memory access.
In addition, the invention also provides a configurable security control device for access and storage of the PCIE equipment, which comprises a microprocessor and a memory which are mutually connected, wherein the microprocessor is programmed or configured to execute the configurable security control method for access and storage of the PCIE equipment.
In addition, the present invention further provides a computer-readable storage medium, in which a computer program is stored, where the computer program is used to be programmed or configured by a microprocessor to execute a configurable security control method for access of the PCIE device.
Example two:
the present embodiment is basically the same as the first embodiment, and the main differences are that the mode of determining the memory interval that the PCIE memory access request allows to access and the memory security control form of the memory interval are different.
As shown in fig. 5, step S102 of this embodiment includes:
s301, obtaining an interval INDEX INDEX carried in a PCIE access request, wherein a memory is divided into a plurality of memory intervals in advance; for example, in this embodiment, the memory is pre-divided into n memory intervals, and the corresponding indexes are 0 to n respectively;
s302, determining a memory interval corresponding to the interval INDEX as a memory interval that the PCIE memory access request allows access.
In this embodiment, a memory security control method using a memory interval as a granularity is implemented, and the granularity of security control is better compared with the first embodiment.
In this embodiment, the interval INDEX is pre-configured in the PCIE access request, and the generation of the interval INDEX may be implemented by the PCIE root complex module or the PCIE terminal device, where the interval INDEX of each PCIE terminal device is a fixed value, and the interval indexes of different PCIE terminal devices are different from each other. Therefore, as an optional implementation manner, after step S301 and before step S302, for the interval INDEX carried in the PCIE access request, a preset interval INDEX and a PCIE terminal device mapping table may be used for checking to prevent a forged PCIE access request. If the verification is not passed, the PCIE access request is discarded or recorded, and only if the verification is passed, the step S302 is executed continuously.
When it is determined in step S302 that the memory interval corresponding to the interval INDEX is the memory interval that the PCIE memory access request allows to access, a required mapping manner may be adopted as needed: if a direct mapping mode is adopted, the interval INDEX INDEX is directly used as the INDEX of the corresponding memory interval, and the memory interval which is allowed to be accessed by the PCIE memory access request can be quickly determined; if the indirect mapping is adopted, the interval INDEX is mapped to the corresponding memory interval by adopting a mapping function (such as a hash function, etc.), which is better in security but needs to spend extra calculation and time.
In this embodiment, a direct mapping manner is adopted, and the interval INDEX is directly output to step S103.
Referring to fig. 5, in step S103, different processing is performed by determining whether the interval INDEX hits in the memory intervals 0 to n, and if the interval INDEX hits in the memory intervals 0 to n, it is determined that the target address is within the memory interval allowed to be accessed, for example, if the interval INDEX hits in the memory interval n in fig. 5, the access to the memory interval n is continued; if the target address is not in the memory interval which is allowed to be accessed, the target address is judged not to be in the memory interval which is allowed to be accessed, and the memory access request of the PCIE needs to be filtered (direct discarding or discarding after recording can be selected). It should be noted that, the manner in which the memory is divided into the memory partitions 0 to n is determined by the configuration of the system software, and the embodiment of the method of this embodiment does not depend on a specific division manner.
As shown in fig. 6, the present invention further provides a configurable security control apparatus for memory access of PCIE devices, including:
the security configuration module is used for intercepting a PCIE access request sent by the PCIE root complex module and determining a memory interval which is allowed to be accessed by the PCIE access request;
the security control module is used for filtering the PCIE access request of which the target address is not in the memory interval which is allowed to be accessed, and only continuously executing the PCIE access request of which the target address is in the memory interval which is allowed to be accessed;
the safety configuration module is arranged between the PCIE root complex device and the network on chip of the CPU in series, and the safety control module is arranged between the network on chip of the CPU and the SOC memory controller in series.
As can be seen from fig. 6, in this embodiment, a security configuration module is added between the PCIE root complex device and the on-chip network of the CPU, and a security control module is added between the on-chip network of the CPU and the SOC memory controller, so as to implement security control of PCIE memory access request (DMA) to access the memory. Referring to fig. 4, the memory is divided into memory intervals 0 to n, so that a memory security control mode with granularity of the memory intervals is realized. The safety control module is a module positioned between the on-chip bus and the memory controller and is responsible for filtering the memory access. And the security control module matches the security attribute of the access request with the security attribute of the target space, and the corresponding memory interval can be accessed only after the security attributes are matched.
In addition, the invention also provides a configurable security control device for access and storage of the PCIE equipment, which comprises a microprocessor and a memory which are mutually connected, wherein the microprocessor is programmed or configured to execute the configurable security control method for access and storage of the PCIE equipment.
In addition, the present invention further provides a computer-readable storage medium, in which a computer program is stored, where the computer program is used to be programmed or configured by a microprocessor to execute a configurable security control method for access of the PCIE device.
Example three:
the present embodiment is basically the same as the second embodiment, and the main differences are that the mode of determining the memory interval that the PCIE memory access request allows to access and the memory security control form of the memory interval are different.
As shown in fig. 6, step S102 of this embodiment includes:
s401, a PCIE access request is obtained;
s402, matching the PCIE access request with a preset global table to obtain a corresponding interval INDEX INDEX, wherein the global table comprises a mapping relation between the PCIE access request and the corresponding interval INDEX INDEX;
s403, determining that the memory interval corresponding to the interval INDEX is a memory interval that the PCIE memory access request allows access.
The second embodiment is to implement limitation on memory access by means of an interval INDEX carried in a PCIE memory access request, and unlike the second embodiment, the interval INDEX is generated by a security configuration module instead of being configured in the PCIE memory access request in this embodiment, so that the PCIE memory access request can be kept unchanged, and good compatibility of a PCIE root complex module or a PCIE terminal device is ensured.
As shown in fig. 7, in the global table in this embodiment, fields of each entry include { INDEX, bus, dev, func }, where the field INDEX is an interval INDEX, the field Bus is a Bus number of a PCIE access request, the field Dev is a device number of a PCIE terminal device that initiates the PCIE access request, and the field Func is a function number of the PCIE access request.
According to the definition of the PCIE protocol, each node in the PCIE topology is identified by a 16-bit ID number ReqID = { Bus, dev, func }, and each node occupies one ID number, so in a field in the global table in this embodiment, the length of the field INDEX is log2 (n) bits, the length of the field Bus is 8 bits, the length of the field Dev is 5 bits, the length of the field Func is 3 bits, where n is the number of memory intervals into which the memory is divided in advance.
When each PCIE terminal device sends a PCIE memory access request for accessing the memory, the ID number is carried in the request. The invention generates the corresponding interval INDEX INDEX through the global table, thereby controlling which PCIE terminal equipment can access the safe storage space and which PCIE terminal equipment can only access the unsafe storage space.
In this embodiment, the step S402 of matching the PCIE memory access request with the preset global table means that a content matching and CAM searching manner is adopted to match the PCIE memory access request with the preset global table.
In addition, the present invention also provides a configurable security control device for access of PCIE devices, including:
the security configuration module is used for intercepting a PCIE access request sent by the PCIE root complex module and determining a memory interval which is allowed to be accessed by the PCIE access request;
the security control module is used for filtering the PCIE access request of which the target address is not in the memory interval which is allowed to be accessed, and only continuously executing the PCIE access request of which the target address is in the memory interval which is allowed to be accessed;
the safety configuration module is arranged between the PCIE root complex device and the network on chip of the CPU in series, and the safety control module is arranged between the network on chip of the CPU and the SOC memory controller in series.
In addition, the invention also provides a configurable security control device for access and storage of PCIE equipment, which comprises a microprocessor and a memory which are mutually connected, wherein the microprocessor is programmed or configured to execute the configurable security control method for access and storage of the PCIE equipment.
In addition, the present invention further provides a computer-readable storage medium, in which a computer program is stored, where the computer program is used to be programmed or configured by a microprocessor to execute a configurable security control method for access of the PCIE device.
Example four:
the present embodiment is basically the same as the third embodiment, and the main differences are that the mode of determining the memory interval that the PCIE memory access request allows to access and the memory security control form of the memory interval are different.
As shown in fig. 8, step S102 of this embodiment includes:
s501, obtaining an interval INDEX INDEX carried in a PCIE access request, wherein a memory is divided into a safety interval and a non-safety interval in advance;
s502, matching an interval INDEX INDEX carried in the PCIE access request with a preset global table, and if a matched table entry exists in the global table, determining that a safe interval and a non-safe interval in a memory are both memory intervals which are allowed to be accessed by the PCIE access request; otherwise, only determining that a non-secure interval in the memory is a memory interval to which the PCIE memory access request allows access, where the global table includes the secure PCIE memory access request and an interval INDEX thereof.
When a PCIE access request is matched with a preset global table, first, a CAM manner, that is, a content matching lookup manner, is used to lookup the global table by ReqID = { Bus, dev, func } of a PCIE device request message, and if { Bus, dev, func } does not hit any entry { Bus, dev, func } in the global table (the entry may also include an interval INDEX), it is determined that only an unsecure interval is allowed to be accessed; if a hit occurs, then a secure interval and a non-secure interval are determined to be allowed.
In this embodiment, the PCIE memory access request and the preset global table are matched with two types of memory intervals that the PCIE memory access request allows to access, so that security control for two interval division modes, i.e., a secure interval and a non-secure interval, is implemented.
In addition, the present invention also provides a configurable security control apparatus for memory access of PCIE devices, including:
the security configuration module is used for intercepting a PCIE access request sent by the PCIE root complex module and determining a memory interval which is allowed to be accessed by the PCIE access request;
the security control module is used for filtering the PCIE access request of which the target address is not in the memory interval which is allowed to be accessed, and only continuously executing the PCIE access request of which the target address is in the memory interval which is allowed to be accessed;
the safety configuration module is arranged between the PCIE root complex device and the network on chip of the CPU in series, and the safety control module is arranged between the network on chip of the CPU and the SOC memory controller in series.
In addition, the invention also provides a configurable security control device for access and storage of the PCIE equipment, which comprises a microprocessor and a memory which are mutually connected, wherein the microprocessor is programmed or configured to execute the configurable security control method for access and storage of the PCIE equipment.
In addition, the present invention further provides a computer-readable storage medium, in which a computer program is stored, where the computer program is used to be programmed or configured by a microprocessor to execute a configurable security control method for access of the PCIE device.
Example five:
the present embodiment is basically the same as the first embodiment, and the main difference is that the mode of determining the memory interval that the PCIE memory access request allows access and the memory security control form of the memory interval are different.
In this embodiment, step S102 includes:
s601, acquiring a PCIE access request;
s602, matching the PCIE access request with a preset global table to obtain a corresponding interval INDEX INDEX, wherein the global table comprises a mapping relation between the PCIE access request and the interval INDEX INDEX corresponding to the PCIE access request;
when a PCIE access request is matched with a preset global table, first, reqID = { Bus, dev, func } of a PCIE device request message is used to search the global table in a CAM manner, where the CAM manner is a content matching search manner, and if { Bus, dev, func } hits any entry { INDEX, bus, dev, func } in the global table, a corresponding interval INDEX may be determined.
S603, matching an interval INDEX INDEX carried in the PCIE access request with a preset global table, and if a matched table entry exists in the global table, determining that a safe interval and a non-safe interval in the memory are both memory intervals which are allowed to be accessed by the PCIE access request; otherwise, only determining that the non-secure interval in the memory is the memory interval that the PCIE access request allows to access, where the global table includes the secure PCIE access request and the interval INDEX thereof.
In this embodiment, the PCIE memory access request and the preset global table are matched with two types of memory intervals that the PCIE memory access request allows to access, so that security control for two interval division modes, i.e., a secure interval and a non-secure interval, is implemented.
In addition, the present invention also provides a configurable security control apparatus for memory access of PCIE devices, including:
the security configuration module is used for intercepting a PCIE access request sent by the PCIE root complex module and determining a memory interval which is allowed to be accessed by the PCIE access request;
the security control module is used for filtering PCIE access requests of which the target addresses are not in the memory interval which the target addresses are allowed to access, and only continuously executing the PCIE access requests of which the target addresses are in the memory interval which the target addresses are allowed to access;
the safety configuration module is arranged between the PCIE root complex device and the network on chip of the CPU in series, and the safety control module is arranged between the network on chip of the CPU and the SOC memory controller in series.
In addition, the invention also provides a configurable security control device for access and storage of the PCIE equipment, which comprises a microprocessor and a memory which are mutually connected, wherein the microprocessor is programmed or configured to execute the configurable security control method for access and storage of the PCIE equipment.
In addition, the present invention further provides a computer-readable storage medium, in which a computer program is stored, where the computer program is used for being programmed or configured by a microprocessor to execute a configurable security control method for access of the PCIE device.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-readable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein. The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks. These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks. These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above embodiments, and all technical solutions belonging to the idea of the present invention belong to the protection scope of the present invention. It should be noted that modifications and embellishments within the scope of the invention may occur to those skilled in the art without departing from the principle of the invention, and are considered to be within the scope of the invention.

Claims (9)

1. A configurable security control method for access of PCIE equipment is characterized by comprising the following steps:
s101, intercepting a PCIE access request sent by a PCIE root complex module;
s102, determining a memory interval which is allowed to be accessed by a PCIE memory access request;
s103, filtering PCIE access requests of which the target address is not in the memory interval which the target address allows to access, and only continuously executing the PCIE access requests of which the target address is in the memory interval which the target address allows to access;
step S102 includes:
s201, acquiring a security bit which is carried in a PCIE access request and used for indicating the security state of a CPU;
s202, if the CPU safety state represented by the safety bit is a safety state, determining that a safety interval and a non-safety interval in the memory are both memory intervals which are allowed to be accessed by the PCIE memory access request; otherwise, only determining that the non-security interval in the memory is the memory interval which is allowed to be accessed by the PCIE memory access request.
2. A configurable security control method for access of PCIE equipment is characterized by comprising the following steps:
s101, intercepting a PCIE access request sent by a PCIE root complex module;
s102, determining a memory interval which is allowed to be accessed by a PCIE memory access request;
s103, filtering PCIE access requests of which the target address is not in the memory interval which the target address allows to access, and only continuously executing the PCIE access requests of which the target address is in the memory interval which the target address allows to access;
step S102 includes:
s301, obtaining an interval INDEX INDEX carried in a PCIE access request, wherein a memory is divided into a plurality of memory intervals in advance;
s302, determining a memory interval corresponding to the interval INDEX as a memory interval that the PCIE memory access request allows access.
3. A configurable security control method for memory access of PCIE equipment is characterized by comprising the following steps:
s101, intercepting a PCIE access request sent by a PCIE root complex module;
s102, determining a memory interval which is allowed to be accessed by a PCIE memory access request;
s103, filtering PCIE access requests of which the target address is not in the memory interval which the target address allows to access, and only continuously executing the PCIE access requests of which the target address is in the memory interval which the target address allows to access;
step S102 includes:
s401, a PCIE access request is obtained;
s402, matching the PCIE access request with a preset global table to obtain a corresponding interval INDEX INDEX, wherein the global table comprises a mapping relation between the PCIE access request and the corresponding interval INDEX INDEX;
s403, determining that the memory interval corresponding to the interval INDEX is a memory interval that the PCIE memory access request allows to access.
4. The method of claim 3, wherein in the global table, a field of each entry includes { INDEX, bus, dev, func }, where the field INDEX is an interval INDEX, the field Bus is a Bus number of a PCIE access request, the field Dev is a device number of a PCIE terminal device that initiates the PCIE access request, the field Func is a function number of the PCIE access request, the length of the field INDEX is log2 (n) bits, the length of the field Bus is 8 bits, the length of the field Dev is 5 bits, the length of the field Func is 3 bits, and n is a number of memory intervals into which a memory is pre-divided.
5. The method as claimed in claim 4, wherein the step S402 of matching the PCIE access request with the preset global table means that a content matching and CAM searching manner is adopted to match the PCIE access request with the preset global table.
6. A configurable security control method for access of PCIE equipment is characterized by comprising the following steps:
s101, intercepting a PCIE access request sent by a PCIE root complex module;
s102, determining a memory interval which is allowed to be accessed by a PCIE memory access request;
s103, filtering PCIE access requests of which the target address is not in the memory interval which the target address allows to access, and only continuously executing the PCIE access requests of which the target address is in the memory interval which the target address allows to access;
step S102 includes:
s501, obtaining an interval INDEX INDEX carried in a PCIE access request, wherein a memory is divided into a safety interval and a non-safety interval in advance;
s502, a PCIE access request is matched with a preset global table, and if the global table has matched entries, the safe interval and the non-safe interval in the memory are both the memory interval which the PCIE access request allows to be accessed; otherwise, only determining that the non-secure interval in the memory is the memory interval that the PCIE access request allows to access, where the global table includes the secure PCIE access request and the interval INDEX thereof.
7. The method as claimed in claim 6, wherein fields of each entry in the global table include { INDEX, bus, dev, func }, where the field INDEX is an interval INDEX, the field Bus is a Bus number of a PCIE access request, the field Dev is a device number of a PCIE endpoint device that initiates a PCIE access request, the field Func is a function number of a PCIE access request, the length of the field INDEX is log2 (n) bits, the length of the field Bus is 8 bits, the length of the field Dev is 5 bits, the length of the field Func is 3 bits, and n is a number of memory intervals into which memory is pre-divided.
8. A configurable security control apparatus for PCIE device access, comprising a microprocessor and a memory that are connected to each other, where the microprocessor is programmed or configured to execute the configurable security control method for PCIE device access according to any one of claims 1 to 7.
9. A computer-readable storage medium, in which a computer program is stored, where the computer program is used to be programmed or configured by a microprocessor to execute a configurable security control method for access of a PCIE device as defined in any one of claims 1 to 7.
CN202211483088.8A 2022-11-24 2022-11-24 Configurable security control method, device and medium for access of PCIE (peripheral component interface express) equipment Active CN115587348B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211483088.8A CN115587348B (en) 2022-11-24 2022-11-24 Configurable security control method, device and medium for access of PCIE (peripheral component interface express) equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211483088.8A CN115587348B (en) 2022-11-24 2022-11-24 Configurable security control method, device and medium for access of PCIE (peripheral component interface express) equipment

Publications (2)

Publication Number Publication Date
CN115587348A CN115587348A (en) 2023-01-10
CN115587348B true CN115587348B (en) 2023-04-07

Family

ID=84783574

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211483088.8A Active CN115587348B (en) 2022-11-24 2022-11-24 Configurable security control method, device and medium for access of PCIE (peripheral component interface express) equipment

Country Status (1)

Country Link
CN (1) CN115587348B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118132242A (en) * 2024-05-06 2024-06-04 中国人民解放军国防科技大学 Method and device for supporting high-speed peripheral safety message interruption

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5991856A (en) * 1997-09-30 1999-11-23 Network Associates, Inc. System and method for computer operating system protection
CN103430161B (en) * 2012-11-15 2016-12-21 华为技术有限公司 The method of a kind of Based PC IE Switch communication, Apparatus and system
US10049216B2 (en) * 2014-02-06 2018-08-14 Intel Corporation Media protection policy enforcement for multiple-operating-system environments
US11226908B2 (en) * 2019-07-31 2022-01-18 Hewlett Packard Enterprise Development Lp Securing transactions involving protected memory regions having different permission levels
CN112384923A (en) * 2019-11-27 2021-02-19 深圳市大疆创新科技有限公司 Memory access method, microprocessor, client and computer storage medium
US20210200707A1 (en) * 2019-12-27 2021-07-01 Texas Instruments Incorporated End-to-end isolation over pcie
US11334258B2 (en) * 2020-06-10 2022-05-17 Marvell Asia Pte Ltd System and method for memory region protection
CN112417470B (en) * 2020-11-06 2023-06-27 上海壁仞智能科技有限公司 Method, device, electronic equipment and storage medium for realizing GPU data security access
CN113486410B (en) * 2021-06-30 2023-11-21 海光信息技术股份有限公司 Method for protecting data security, CPU core, CPU chip and electronic equipment
US11816040B2 (en) * 2022-04-02 2023-11-14 Intel Corporation Device memory protection for supporting trust domains

Also Published As

Publication number Publication date
CN115587348A (en) 2023-01-10

Similar Documents

Publication Publication Date Title
TWI570589B (en) Apparatus for providing trusted computing
JP5164290B2 (en) Information flow tracking and protection
US10972449B1 (en) Communication with components of secure environment
JP5153887B2 (en) Method and apparatus for transfer of secure operating mode access privileges from a processor to a peripheral device
US20060212939A1 (en) Virtualization of software configuration registers of the TPM cryptographic processor
EP2062145A1 (en) Memory access security management
CN109766164A (en) A kind of access control method, EMS memory management process and relevant apparatus
JP7327731B2 (en) Security protection method and device in in-vehicle system
CN115587348B (en) Configurable security control method, device and medium for access of PCIE (peripheral component interface express) equipment
CN112351022B (en) Security protection method and device for trust zone
CN104731635A (en) Virtual machine access control method and virtual machine access control system
CN111709023A (en) Application isolation method and system based on trusted operating system
US20050165783A1 (en) Secure direct memory access through system controllers and similar hardware devices
CN115017497A (en) Information processing method, device and storage medium
US11334258B2 (en) System and method for memory region protection
KR101460451B1 (en) Apparatus and method for controlling process address space
CN115688089A (en) Method, system and medium for safely extending PCIE protocol
CN116340243A (en) Dual-core trusted execution security chip architecture
WO2022228287A1 (en) Memory data acquisition method and apparatus, and storage medium
US7246213B2 (en) Data address security device and method
CN115549938A (en) Host firewall interface for controller
US7356678B2 (en) Security measures in a partitionable computing system
CN116257368A (en) Communication method in computer system and related product
JP2002318700A (en) Providing/control method for operation management information of virtual computer system and virtual computer system
US20190370054A1 (en) Information Protection Method and Apparatus

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant